diff --git a/moulinette/authenticators/dummy.py b/moulinette/authenticators/dummy.py
index ea05da35..0fa91958 100644
--- a/moulinette/authenticators/dummy.py
+++ b/moulinette/authenticators/dummy.py
@@ -17,7 +17,7 @@ class Authenticator(BaseAuthenticator):
 vendor = 'dummy'
 def __init__(self, name, vendor, parameters, extra):
- logger.debug("initialize authenticator '%s")
+ logger.debug("initialize authenticator dummy")
 super(Authenticator, self).__init__(name)
 def authenticate(self, password):
diff --git a/test/conftest.py b/test/conftest.py
index c67331ae..a450e638 100644
--- a/test/conftest.py
+++ b/test/conftest.py
@@ -1,7 +1,5 @@
 """Pytest fixtures for testing."""
-from multiprocessing import Process
-import time
 import json
 import os
 import shutil
@@ -121,19 +119,25 @@ def moulinette(tmp_path_factory):
 return moulinette
-@pytest.fixture(scope='session')
+@pytest.fixture
 def moulinette_webapi(moulinette):
- namespace = "moulitest"
+ from webtest import TestApp
+ from webtest.app import CookiePolicy
- api_thread = Process(target=moulinette.api,
- args=([namespace],),
- kwargs={"host": "localhost", "port": 12342, "use_websocket": False})
- api_thread.start()
- time.sleep(0.5)
- assert api_thread.is_alive()
- yield "http://localhost:12342"
- api_thread.terminate()
+ # Dirty hack needed, otherwise cookies ain't reused between request .. not
+ # sure why :|
+ def return_true(self, cookie, request):
+ return True
+ CookiePolicy.return_ok_secure = return_true
+
+ moulinette_webapi = moulinette.core.init_interface(
+ 'api',
+ kwargs={'routes': {}, 'use_websocket': False},
+ actionsmap={'namespaces': ["moulitest"], 'use_cache': True}
+ )
+
+ return TestApp(moulinette_webapi._app)
 @pytest.fixture
diff --git a/test/test_auth.py b/test/test_auth.py
index b5041be2..3c0aa1ae 100644
--- a/test/test_auth.py
+++ b/test/test_auth.py
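Review bot: In the `moulinette_webapi` fixture, `CookiePolicy.return_ok_secure = return_true` rebinds the method on the class itself, so the Secure-cookie check stays disabled for every WebTest client in the process and is never restored, even though the fixture is now function-scoped. It also means the auth tests keep passing whether or not the session cookies carry the Secure flag. Scope the patch with pytest's `monkeypatch` fixture, i.e. add `monkeypatch` to the fixture's parameters and use `monkeypatch.setattr(CookiePolicy, "return_ok_secure", return_true)`. The "not sure why" comment should state the cause once confirmed; presumably the session cookies are marked Secure while TestApp requests go over plain http, in which case `TestApp(moulinette_webapi._app, extra_environ={"wsgi.url_scheme": "https"})` may make the hack unnecessary.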
@@ -1,46 +1,36 @@
 import os
-import requests
-def login(webapi, cookies=None, csrf=False, profile=None):
+def login(webapi, csrf=False, profile=None, status=200):
 data = {"password": "Yoloswag"}
 if profile:
 data["profile"] = profile
- return requests.post(webapi + "/login",
- cookies=cookies,
- data=data,
- headers=None if csrf else {"X-Requested-With": ""})
+ return webapi.post("/login", data,
+ status=status,
+ headers=None if csrf else {"X-Requested-With": ""})
 def test_request_no_auth_needed(moulinette_webapi):
- r = requests.get(moulinette_webapi + "/test-auth/none")
-
- assert r.status_code == 200
- assert r.text == '"some_data_from_none"'
+ assert moulinette_webapi.get("/test-auth/none", status=200).text == '"some_data_from_none"'
 def test_request_with_auth_but_not_logged(moulinette_webapi):
- r = requests.get(moulinette_webapi + "/test-auth/default")
-
- assert r.status_code == 401
- assert r.text == "Authentication required"
+ assert moulinette_webapi.get("/test-auth/default", status=401).text == "Authentication required"
 def test_login(moulinette_webapi):
- r = login(moulinette_webapi)
+ assert login(moulinette_webapi).text == "Logged in"
- assert r.status_code == 200
- assert r.text == "Logged in"
- assert "session.id" in r.cookies
- assert "session.tokens" in r.cookies
+ assert "session.id" in moulinette_webapi.cookies
+ assert "session.tokens" in moulinette_webapi.cookies
 cache_session_default = os.environ['MOULINETTE_CACHE_DIR'] + "/session/default/"
- assert r.cookies["session.id"] + ".asc" in os.listdir(cache_session_default)
+ assert moulinette_webapi.cookies["session.id"] + ".asc" in os.listdir(cache_session_default)
 def test_login_csrf_attempt(moulinette_webapi):
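Review bot: The `login` helper has no docstring, and its `csrf` flag reads backwards at the call sites: `csrf=True` sends the request without the `X-Requested-With` header, i.e. it simulates a cross-site form post that the API is expected to reject. A one-line docstring such as `"""POST /login; csrf=True omits X-Requested-With to simulate a cross-site request, status is the HTTP code WebTest must see."""` would make the auth tests easier to audit. The new `status` parameter deserves the mention because WebTest fails the request when the response code differs, which is where the status assertions removed from the tests now live.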
@@ -49,51 +39,37 @@ def test_login_csrf_attempt(moulinette_webapi):
 # https://security.stackexchange.com/a/58308
 # https://stackoverflow.com/a/22533680
- r = login(moulinette_webapi, csrf=True)
-
- assert r.status_code == 403
- assert "session.id" not in r.cookies
- assert "session.tokens" not in r.cookies
- assert "CSRF protection" in r.text
+ assert "CSRF protection" in login(moulinette_webapi, csrf=True, status=403).text
+ assert not any(c.name == "session.id" for c in moulinette_webapi.cookiejar)
+ assert not any(c.name == "session.tokens" for c in moulinette_webapi.cookiejar)
 def test_login_then_legit_request_without_cookies(moulinette_webapi):
 login(moulinette_webapi)
- r = requests.get(moulinette_webapi + "/test-auth/default")
+ moulinette_webapi.cookiejar.clear()
- assert r.status_code == 401
- assert r.text == "Authentication required"
+ moulinette_webapi.get("/test-auth/default", status=401)
 def test_login_then_legit_request(moulinette_webapi):
- r_login = login(moulinette_webapi)
+ login(moulinette_webapi)
- r = requests.get(moulinette_webapi + "/test-auth/default",
- cookies={"session.id": r_login.cookies["session.id"],
- "session.tokens": r_login.cookies["session.tokens"], })
+ #for cookie in moulinette_webapi.cookiejar:
+ # cookie.domain = "localhost"
- assert r.status_code == 200
- assert r.text == '"some_data_from_default"'
+ assert moulinette_webapi.get("/test-auth/default", status=200).text == '"some_data_from_default"'
 def test_login_then_logout(moulinette_webapi):
- r_login = login(moulinette_webapi)
+ login(moulinette_webapi)
- r = requests.get(moulinette_webapi + "/logout",
- cookies={"session.id": r_login.cookies["session.id"],
- "session.tokens": r_login.cookies["session.tokens"], })
+ moulinette_webapi.get("/logout", status=200)
- assert r.status_code == 200
 cache_session_default = os.environ['MOULINETTE_CACHE_DIR'] + "/session/default/"
- assert not r_login.cookies["session.id"] + ".asc" in os.listdir(cache_session_default)
+ assert not
moulinette_webapi.cookies["session.id"] + ".asc" in os.listdir(cache_session_default)
- r = requests.get(moulinette_webapi + "/test-auth/default",
- cookies={"session.id": r_login.cookies["session.id"],
- "session.tokens": r_login.cookies["session.tokens"], })
-
- assert r.status_code == 401
- assert r.text == "Authentication required"
+ assert moulinette_webapi.get("/test-auth/default", status=401).text == "Authentication required"
diff --git a/tox.ini b/tox.ini
index 03f4bb66..feeb4faa 100644
--- a/tox.ini
+++ b/tox.ini
@@ -18,6 +18,7 @@ deps =
 toml >= 0.10, < 0.11
 gevent-websocket
 bottle >= 0.12
+ WebTest >= 2.0, < 2.1
 commands =
 pytest {posargs}
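Review bot: `test_login_then_logout` no longer replays the login cookies after logout, so it can pass without the server having invalidated the session. The old test re-sent `r_login.cookies` explicitly, whereas the new one sends whatever the jar holds after `/logout`; if the logout response expires or rewrites those cookies (not visible in this hunk), the final 401 only shows that a cookieless request is rejected. For the same reason, `moulinette_webapi.cookies["session.id"]` read after logout may raise KeyError or name a different session than the one whose `.asc` file should be gone. Capture both values right after `login()` and put them back before the last request, as sketched below, after confirming that `set_cookie` round-trips the signed values unchanged. The commented-out `cookie.domain` loop in `test_login_then_legit_request` should be dropped as well.

```python
def test_login_then_logout(moulinette_webapi):
    login(moulinette_webapi)
    # Snapshot the session before logout so the replay below uses the old credentials.
    session_id = moulinette_webapi.cookies["session.id"]
    session_tokens = moulinette_webapi.cookies["session.tokens"]

    moulinette_webapi.get("/logout", status=200)

    # … unchanged: cache_session_default lookup …
    assert session_id + ".asc" not in os.listdir(cache_session_default)

    # Replay the pre-logout cookies: the server itself must reject them.
    moulinette_webapi.set_cookie("session.id", session_id)
    moulinette_webapi.set_cookie("session.tokens", session_tokens)
    assert moulinette_webapi.get("/test-auth/default", status=401).text == "Authentication required"
```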